Re: Need advice for secure database backups.

I can't see how you would perform an export from a connected internal SQLDBA session ?

I know some UNIX platforms have a habit of displaying argv values in ps output, they should really be discouraged from doing that.

Anyway, to avoid having to embed a un/pw in export scripts, or to have to run it interactively and risk ps display, create a DBA type user who is identified externally (i.e. by the Operating System). Then have a C program (owned and setuid to this new DBA user) issue the 'exp / full=y' etc. command.

In article <43q61k$s00_at_nntp.interaccess.com>, akaplan_at_flowbee.interaccess.com (Ari Kaplan) wrote:

> cuppettm_at_richmond.infi.net (Michael S. Cuppett) writes:
>
> >Environment: Oracle 7.x on a HP H40 running HP-UX 9.0.4
 

> >What is the most secure method of backing up a database? I need to
> >implement backups that will include exports and operating system backups.
> >I don't want to embed passwords into shell scripts or parfiles, nor do I
> >want to run the backup from the command line because the loginid/password
> >can be seen with the ps command.
 

> >I looking at cron as a possiblity. Any advice would be appreciated.
 

> >Thanks!
> >--
> >Michael S. Cuppett
> >cuppettm_at_richmond.infi.net
> >Oracle Database Manager
> >Department of Information Technology
> >City of Richmond, Virginia
>
> There are many secure ways to do a backup of an Oracle database.
> Definitely avoid hard-coding passwords anywhere. A common method would be
> to use the "connect internal" function of SQLDBA in scripts to avoid
> using passwords. Only users in the dba group would be able to use the
> script. For example, to start the database, you can put in your script:
>
> sqldba << EOF
> connect internal;
> startup;
> EOF
>
>
> Hope this helps!
>
> -Ari Kaplan
> akaplan_at_interaccess.com
Received on Thu Sep 21 1995 - 00:00:00 CEST